Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

zohocorp manageengine servicedesk plus 13.0 vulnerabilities and exploits

(subscribe to this query)

7.2
CVE-2022-40770
Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to authenticated command injection. This can be exploited by high-privileged users....
Zohocorp Manageengine Servicedesk Plus 13.0Zohocorp Manageengine Servicedesk PlusZohocorp Manageengine Servicedesk Plus Msp 10.6Zohocorp Manageengine Servicedesk Plus MspZohocorp Manageengine Supportcenter Plus 11.0Zohocorp Manageengine Supportcenter Plus
5.3
CVSSv3
CVE-2022-25245
Zoho ManageEngine ServiceDesk Plus before 13001 allows anyone to know the organisation's default currency name....
Zohocorp Manageengine Servicedesk PlusZohocorp Manageengine Servicedesk Plus 13.0
7.5
CVSSv3
CVE-2022-35403
Zoho ManageEngine ServiceDesk Plus before 13008, ServiceDesk Plus MSP before 10606, and SupportCenter Plus before 11022 are affected by an unauthenticated local file disclosure vulnerability via ticket-creation email. (This also affects Asset Explorer before 6977 with...
Zohocorp Manageengine Servicedesk Plus 13.0Zohocorp Manageengine Servicedesk PlusZohocorp Manageengine Servicedesk Plus Msp 10.6Zohocorp Manageengine Servicedesk Plus MspZohocorp Manageengine Supportcenter Plus 11.0Zohocorp Manageengine Supportcenter PlusZohocorp Manageengine Assetexplorer 6.9Zohocorp Manageengine Assetexplorer
4.9
CVE-2022-40771
Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to an XML External Entity attack that leads to Information Disclosure....
Zohocorp Manageengine Servicedesk PlusZohocorp Manageengine Servicedesk Plus 14.0Zohocorp Manageengine Servicedesk Plus MspZohocorp Manageengine Servicedesk Plus Msp 13.0Zohocorp Manageengine Supportcenter Plus 11.0Zohocorp Manageengine Supportcenter PlusZohocorp Manageengine Assetexplorer 6.9Zohocorp Manageengine Assetexplorer
9.1
CVE-2023-22964
Zoho ManageEngine ServiceDesk Plus MSP before 10611, and 13x before 13004, is vulnerable to authentication bypass when LDAP authentication is enabled....
Zohocorp Manageengine Servicedesk Plus Msp 10.6Zohocorp Manageengine Servicedesk Plus Msp 13.0
6.1
CVE-2023-23077
Cross site scripting (XSS) vulnerability in Zoho ManageEngine ServiceDesk Plus 13 via the comment field when adding a new status comment....
Zohocorp Manageengine Servicedesk Plus 13.0
9.8
CVE-2022-47966
Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, make the application responsible for...
Zohocorp Manageengine Access Manager Plus 4.3Zohocorp Manageengine Access Manager PlusZohocorp Manageengine Ad360Zohocorp Manageengine Ad360 4.3Zohocorp Manageengine Adaudit Plus 7.0Zohocorp Manageengine Adaudit PlusZohocorp Manageengine Admanager Plus 7.1Zohocorp Manageengine Admanager PlusZohocorp Manageengine Adselfservice Plus 6.2Zohocorp Manageengine Adselfservice PlusZohocorp Manageengine Analytics PlusZohocorp Manageengine Analytics Plus 5.1Zohocorp Manageengine Assetexplorer 6.9Zohocorp Manageengine AssetexplorerZohocorp Manageengine Key Manager PlusZohocorp Manageengine Key Manager Plus 6.4Zohocorp Manageengine Pam360 5.7Zohocorp Manageengine Pam360Zohocorp Manageengine Password Manager ProZohocorp Manageengine Password Manager Pro 12.1Zohocorp Manageengine Servicedesk PlusZohocorp Manageengine Servicedesk Plus 14.0Zohocorp Manageengine Servicedesk Plus MspZohocorp Manageengine Servicedesk Plus Msp 13.0Zohocorp Manageengine Supportcenter Plus 11.0Zohocorp Application Control PlusZohocorp Manageengine Browser Security PlusZohocorp Manageengine Device Control PlusZohocorp Manageengine Desktop CentralZohocorp Manageengine Endpoint Dlp PlusZohocorp Manageengine Os DeployerZohocorp Manageengine Patch Manager PlusZohocorp Manageengine Remote Access PlusZohocorp Manageengine Vulnerability Manager PlusZohocorp Manageengine Rmm Central
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-45441arbitrary CVE-2022-31254CVE-2023-0719CVE-2023-25136CVE-2023-0744CVE-2022-0847unspecifiedspoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook